It's a TRaP: Table Randomization and Protection against Function-Reuse Attacks
暂无分享,去创建一个
Per Larsen | Ahmad-Reza Sadeghi | Bjorn De Sutter | Michael Franz | Lucas Davi | Thorsten Holz | Christopher Liebchen | Stephen Crane | Felix Schuster | Stijn Volckaert
[1] Milo M. K. Martin,et al. SoftBound: highly compatible and complete spatial memory safety for c , 2009, PLDI '09.
[2] Hovav Shacham,et al. Return-oriented programming without returns , 2010, CCS '10.
[3] Ahmad-Reza Sadeghi,et al. Isomeron: Code Randomization Resilient to (Just-In-Time) Return-Oriented Programming , 2015, NDSS.
[4] Xuxian Jiang,et al. On the Expressiveness of Return-into-libc Attacks , 2011, RAID.
[5] Ahmad-Reza Sadeghi,et al. Just-In-Time Code Reuse: On the Effectiveness of Fine-Grained Address Space Layout Randomization , 2013, 2013 IEEE Symposium on Security and Privacy.
[6] Michael Backes,et al. You Can Run but You Can't Read: Preventing Disclosure Exploits in Executable Code , 2014, CCS.
[7] Peng Ning,et al. HideM: Protecting the Contents of Userspace Memory in the Face of Disclosure Vulnerabilities , 2015, CODASPY.
[8] Sorin Lerner,et al. SafeDispatch: Securing C++ Virtual Calls from Memory Corruption Attacks , 2014, NDSS.
[9] Dan Boneh,et al. Hacking Blind , 2014, 2014 IEEE Symposium on Security and Privacy.
[10] Per Larsen,et al. Readactor: Practical Code Randomization Resilient to Memory Disclosure , 2015, 2015 IEEE Symposium on Security and Privacy.
[11] David A. Wagner,et al. The Performance Cost of Shadow Stacks and Stack Canaries , 2015, AsiaCCS.
[12] Per Larsen,et al. Booby trapping software , 2013, NSPW '13.
[13] Thorsten Holz,et al. Towards automated integrity protection of C++ virtual function tables in binary programs , 2014, ACSAC.
[14] Moritz Contag,et al. Evaluating the Effectiveness of Current Anti-ROP Defenses , 2014, RAID.
[15] Heng Yin,et al. vfGuard: Strict Protection for Virtual Function Calls in COTS C++ Binaries , 2015, NDSS.
[16] Zhenkai Liang,et al. Jump-oriented programming: a new class of code-reuse attack , 2011, ASIACCS '11.
[17] Ahmad-Reza Sadeghi,et al. Gadge me if you can: secure and efficient ad-hoc instruction-level randomization for x86 and ARM , 2013, ASIA CCS '13.
[18] George Candea,et al. Code-pointer integrity , 2014, OSDI.
[19] Hovav Shacham,et al. On the effectiveness of address-space randomization , 2004, CCS '04.
[20] Per Larsen,et al. Librando: transparent code randomization for just-in-time compilers , 2013, CCS.
[21] Jeff Seibert,et al. Information Leaks Without Memory Disclosures: Remote Side Channel Attacks on Diversified Code , 2014, CCS.
[22] Daniel C. DuVarney,et al. Efficient Techniques for Comprehensive Protection from Memory Error Exploits , 2005, USENIX Security Symposium.
[23] Michael Backes,et al. Oxymoron: Making Fine-Grained Memory Randomization Practical by Allowing Code Sharing , 2014, USENIX Security Symposium.
[24] Stelios Sidiroglou,et al. Missing the Point(er): On the Effectiveness of Code Pointer Integrity , 2015, 2015 IEEE Symposium on Security and Privacy.
[25] Hovav Shacham,et al. Return-Oriented Programming: Systems, Languages, and Applications , 2012, TSEC.
[26] Per Larsen,et al. Profile-guided automated software diversity , 2013, Proceedings of the 2013 IEEE/ACM International Symposium on Code Generation and Optimization (CGO).
[27] Chao Zhang,et al. VTint: Protecting Virtual Function Tables' Integrity , 2015, NDSS.
[28] Per Larsen,et al. SoK: Automated Software Diversity , 2014, 2014 IEEE Symposium on Security and Privacy.
[29] Ahmad-Reza Sadeghi,et al. Counterfeit Object-oriented Programming: On the Difficulty of Preventing Code Reuse Attacks in C++ Applications , 2015, 2015 IEEE Symposium on Security and Privacy.
[30] Úlfar Erlingsson,et al. Enforcing Forward-Edge Control-Flow Integrity in GCC & LLVM , 2014, USENIX Security Symposium.
[31] Chao Zhang,et al. Exploiting and Protecting Dynamic Code Generation , 2015, NDSS.
[32] Dongyan Xu,et al. Polymorphing Software by Randomizing Data Structure Layout , 2009, DIMVA.
[33] Daniel C. DuVarney,et al. Address Obfuscation: An Efficient Approach to Combat a Broad Range of Memory Error Exploits , 2003, USENIX Security Symposium.
[34] Dawn Xiaodong Song,et al. SoK: Eternal War in Memory , 2013, 2013 IEEE Symposium on Security and Privacy.
[35] Per Larsen,et al. Opaque Control-Flow Integrity , 2015, NDSS.
[36] Mihai Budiu,et al. Control-flow integrity principles, implementations, and applications , 2009, TSEC.